• No results found

CREATING A BETTER BACKUP PLAN

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "CREATING A BETTER BACKUP PLAN"

Copied!
14
0
0

Loading.... (view fulltext now)

Download now ( 14 Page )

Full text

(1)
(2)

CONTENTS

Backing Up is Hard To Do ...3 The Front Line of the Backup Plan ...4 Holes in the Backup Plan ...5 Solving the Problem of

Servers Created by Non-IT Personnel ...8 Solving the Problem of

Data Waiting to be Backed Up ...9 Solving the Problem of

Online Data Under Attack...10 Solving the Problem of

Accessibility to Backed Up Data ...12 Solid Backup Plans Save Time & Productivity ...13

ABOUT THE AUTHOR:

DAVID CUMMINGS

Systems Engineer, David Cummings, is Gallery Systems’ network and database administrator and supervises the network security for our clients’ data.

(3)
(4)

THE FRONT LINE OF THE BACKUP PLAN

In an old Sex and the City episode, a Mac repair tech asks

a distraught Carrie Bradshaw, “When is the last time you backed up your work,” and she says, “I don’t do that.” Later, friend Miranda asks about backups, and Carrie says, “You know, no one talks about backing up. You’ve never used that expression with me before, but apparent-ly everybody’s secretapparent-ly running home at night and back-ing up their work.”

Times have changed since 2001 when that episode aired, and no one today would be surprised by the question of backups. Of course there are backups. That’s what IT does, isn’t it? Backs up our work?

The answer, however, is yes and no, because in any orga-nization, office or development environment of any kind, there are going to be holes in the backup plan: data that should be getting backed up simply isn’t.

In the case of poor Carrie Bradshaw, her entire laptop (and her life’s work as a columnist) fell victim. If her friends had thought to ask the question, “Do you backup?” before her laptop crashed, they would have been performing the task of Front Line Backup Activity: identifying the holes in the backup plan by talking directly with the data contributors themselves.

(5)

HOLES IN THE BACKUP PLAN

For any enterprise organization, the Backup Plan

normal-ly includes backing up things like shared network drives, published UNC folder shares, shared SQL database servers and their databases, shared Oracle database servers and their instances, mail servers and all email and associated data, Domain Controllers and the Active Directory data-base, media servers and all their stored media, as well as other data objects that might be unique to a particular institution.

But what are some possible holes in the backup plan? Holes in the backup plan can be grouped by whether they are user-related problems (problems on the Front Line) or more IT-related (problems on the Back End). IT-related holes are problems with servers, software and the organiza-tion of backups.

Here’s a quick summary of problem sources:

USER-RELATED (FRONT LINE)

a. Work in progress: the data being keyed in at any given moment

b. Local hard drives on user workstations and laptops

c. Servers created by non-IT personnel

IT-RELATED (BACK END)

a. Data waiting to be backed up b. Online data under attack

(6)

SOLVING THE PROBLEM OF LOCAL WORK

Items 1a and 1b can be considered together. The problem is basically one of protecting the user

from losing the work she is performing at any given moment.

Here are some solutions:

1. Encourage users to work directly on networked drives, or in network-shared UNC folders at all times. That way, whenever they hit the save button, they are saving directly to the most robust drives in the orga-nization. Though not always possible due to issues of connectivity or impeded productivity, this should be considered.

2. Encourage users to make use of simple synchroni-zation programs, such as Beyond Compare, that are cheap to buy and easy to use. Then, if they are saving to their local drives, they can periodically synchronize their drive with the associated network path. Users will often balk at doing this, but in the long run may find that the pain of the extra save is outweighed by the gain of never losing their work.

3. Use Microsoft Office products, or other software that have background saves. Google docs is also an option, though there might be security consid-erations. Encouraging users, whenever possible, to use software that has automatic save capability, prevents or limits lost data when their computer suddenly crashes.

(7)

5. Consider the use of auto-save plugins, of which there are many, to backup work on software that doesn’t have auto-save capability.

6. Fortify the Front Line by making sure you know what user data should be backed up, such as local document folders, and that users know to report any new sources of data that should be included in backups.

7. Encourage laptop users to use network shares and/ or folder synchronization as much as possible, es-pecially if they are on a laptop that doesn’t have a RAID set (which is most laptops).

8. Consider using SSD drives. Laptops represent a special problem because they typically do not have or support two drives, and those that do, don’t generally support hardware RAID. SSD drives are perhaps more reliable than HDD drives.

9. Have users work in RAID sets on their local com-puters, since some computer crashes involve the local disk drive.

10. Consider the use of auto-synchronization programs that run in the background, across the network, synchronizing user document folders with network shared folders. RAID sets can fail, data corruption can be transmitted across all members of the RAID set, and it is possible to have a situation where the data on a workstation drive or drive-set is com-pletely inaccessible. This type of failure can be mitigated by having ongoing auto-synchronization of data between important folders on user work-stations and related folders on network shares. 11. Consider using Windows Shadow Copy where

ap-plicable, though the pros and cons of this service must be discussed in your organization.

(8)

SOLVING THE PROBLEM OF

SERVERS CREATED BY NON-IT PERSONNEL

(9)

DATA WAITING TO BE BACKED UP

How safe is the data on those mapped networked drives or

networked shared folders, the ones that are so ubiquitous in a modern organization, and are so counted on by users to be a safe place to save files? In an organization with only a single-time-zone and dayshift, the backup tape drives turn on after the lights go out. Then, at some point in the evening or early morning, all the new data on the network is fully backed up to tape. But, it’s important to consider that normal system backups are point-in-time backups, and data also needs to be protected during the day, while users are adding content and updating databases. Plus, there is the added challenge for organizations with 24-hour operations.

Here are steps to ensure the integrity of data on the network shares between backup times:

1. Utilize RAIDed hard drives. It’s likely that all enter-prise-aware organizations use RAIDed drives for their network storage. Discussions of which RAID set is best in which circumstance should be ongoing in your organization. Ask questions like: are you using the right RAID level for each given set of data? And, should you reconsider your overall disk drive RAID strategy? A discussion of pros and cons of the differ-ent RAID levels available is also important.

(10)

SOLVING THE PROBLEM OF

ONLINE DATA UNDER ATTACK

Every organization has a security strategy that includes

malware protections at the firewall level, at the server level, and at the workstation level. However, malware still gets through. One of the most insidious forms of malware in existence, and one that can only be truly protected against with good backups, is ransomware. Ransomware encrypts your files with an unbreakable encryption, and then deliv-ers instructions for data recovery that involves paying a fee to the ransomware hacker (who then may or may not give you a decryption key).

Ransomware is often distributed to users via a link or download in an email, so it often gets past malware protection software undetected. Once ransomware starts running on a user’s workstation, it encrypts all the files on all the drives that workstation

(11)

Though no protection against ransomware is 100% effective, here are steps that should be considered:

1. Have as much malware protection in place as possi-ble, at both the firewall level and the server OS level. 2. Put a percentage limit in the synchronization

soft-ware, so that it will refuse to run if it detects chang-es over a certain low thrchang-eshold, say 10%.

3. Have the synchronization software address the secondary shares by their UNC paths. Do not have networked drives mapped to the secondary shares. Most ransomware is only aware of drive letters (local or mapped) and doesn’t have access to UNC path shares.

4. Perform backups-to-tape as frequently as possi-ble. Tape backups can’t be replaced with ransom-ware-encrypted data. Once data is backed up to tape, it is truly safe (as long as the tape media itself remains viable). If possible, perform incre-mental tape backups throughout the day. 5. If possible, shift from network mapped drives

(12)

SOLVING THE PROBLEM OF

ACCESSIBILITY TO BACKED UP DATA

If you need to restore data from an offline backup that

exists on a tape or on a backup-to-disk hard drive, how accessible are those backups? If you have a large network, a multitude of users, and a huge amount of new data being backed up each week or month, the number of tapes or hard drives in the backup inventory can become large and unwieldy. Also, finding where a particular piece of data is can become complicated. Most enterprise backup software uses catalogs of one kind or another and these catalogs can require refreshing or rebuilding, which means search-ing through tapes to find the files you want to restore. In the case of a full system recovery following a ransom-ware attack, or major hardransom-ware failure, it’s probably not dif-ficult to find the most recent full+differential system back-ups, though the time to restore can be significant. But, if someone is asking for a file that was backed up last month, or last year, the search process can be daunting.

Here are strategies to handle problems involving data accessibility:

1. Invest in a tape library device instead of individu-al tape units, if such an investment is within your organization’s budget.

2. Research which backup software to use, with par-ticular attention paid to the method of cataloging and the accessibility of catalogs, particularly old catalogs, even if the particular backup media itself is not online.

3. Consider replacing (or augmenting) tape backups with backups-to-disk, though the pros and cons of that choice should be thoroughly discussed in your organization.

(13)

SOLID BACKUP PLANS SAVE TIME AND

INCREASE PRODUCTIVITY

Bottom line: backups save time and improve productivity, which translates into saved money. They save the user from having to re-write a document or re-enter data. They save the development company from having to re-develop soft-ware. They save the IT department from having to re-build an entire network from scratch.

(14)

HOSTING SERVICES FROM GALLERY SYSTEMS

Gallery Systems offers scalable hosting services that can

manage as much or as little of the IT for your collections management application as you need. With Gallery Systems as your hosting partner, your institution’s staff will have secure, web-browsing-enabled access to your data from anywhere. We can handle the nightly backups, schedule service upgrades, monitor database health, and perform all other system administration duties. The data always belongs to you and is accessible only to you and your staff as we rigorously follow your rules for data connectivity and security.

ABOUT GALLERY SYSTEMS

Over 800 clients worldwide trust Gallery Systems with the cataloging and management of their collections. For over 30 years, Gallery Systems’ collection management and web publishing software has been the leading choice of the fin-est cultural institutions, from private collectors and muse-ums, to corporate and government archives and agencies.

Find out how we can help with your collections management and application hosting needs.

References

Download now ( PDF - 14 Page - 695.97 KB )

Related documents

Can ultrasound elastography distinguish metastatic from reactive lymph nodes in patients with primary head and neck cancers?

The purpose of this study was to evaluate the diagnostic utility of real-time elastography (RTE) in differentiat- ing between reactive and metastatic cervical lymph nodes (LN)

Additive manufacturing graded-material design based on phase-field and topology optimization

(19) leads us to an optimized structure where, as in the single-material case, the perimeter of the body is defined by the sharp interface of the phase-field variable φ , while

Film music : the synthesis of two art forms - a case study of themes and characters in Alfred Hitchcock's and Bernard Herrmann's Vertigo

Madeleine’s “belief” that she is Carlotta Valdez, her death and rebirth as Judy (and then Madeleine again) and Scottie’s mental rebirth after his breakdown.. All of these

Confronting Educational Politics with Preservice Teachers: Reactions to Waiting for Superman

In this study, we use documentary film as a way to encourage preservice teachers to critically analyze the public perception of teaching in the United States and engage in

Public Transport Authorities’ Use of Cost-Benefit Analysis in Practice

Finally, comparing answers for why CBA is not used as a decision support (Table 2 and Table 5), the perhaps only difference is that year 2016 only two PTAs answer that lack of

quiz pbo

From your Alice lessons, which programming instruction represents the following movement: A cat moves forward double (or twice) the distance to the tree.. this.Cat move Forward

The Awareness of the Importance of Voluntary Blood Donation among Students of Medicine and Nursing at Faculty of Medicine in Osijek

Cilj ovog istraživanja bila je procjena svijesti o važnosti dobrovoljnog darivanja krvi među studentima treće godine Sveučilišnog preddiplomskog studija Sestrinstva te studentima